[Muscle] Cold/warm ATR and protocol (re-)selection in pcsc-lite

From: Martin Paljak (martinpaljak.pri.ee)
Date: Thu Nov 04 2010 - 09:33:41 CDT


Hello,

* Background:
The Estonian ID card has historically had two ATR-s, a warm and a cold. There are several incarnations of the cards where the command interface should be "similar" to the original Micardo card, but this is not always the case.

There are several cards:
Micardo based with a cold ATR [1] [3] and a warm ATR [2] [4]. Notice that cold ATR-s specify both T=1 and T=0 but warm ATR-s don't (which will mean T=0).
Another incarnation of the card should mimic the Micardo card, but actually doesn't. It incorrectly copies the ATR of one of the earlier cards, but in a reverse order: the shorter style ATR [5] which other cards use for a warm ATR is now used for the cold ATR and the longer cold ATR [6] of a previous card used for the warm ATR.

* FYI:
Some versions of pcsc-lite in the 1.5.x range don't correctly handle such a situation and truncate the longer warm ATR to the length of the cold ATR (which did not pop up with earlier cards).
This has been fixed in the 1.6.x version, so people who can upgrade should do it ASAP :)

* Problem:
pcsc-lite tries to use T=1 by default, which will cause troubles after a warm reset if the two different ATR-s don't specify the same supported protocols in the ATR.
To work around it, resetting the card is required. Sadly, one of the cards that copies the ATR with both T=1 and T=0 in the warm ATR actually is the one that *can't* speak T=1.
But also, the card is difficult to match because of the copied ATR. This will result in needless resets ("force_protocol" in OpenSC) to get the card to a known good state and slows down the already slow communication.
So with "original" cards the cold ATR claims T=1 support but after a warm reset can't be used with T=1 before a card powerdown. With the "broken" card, T=1 will be selected by pcsc-lite by default after a warm reset, but T=0 should be used to make the card work and this will also require a reset.

* Question:
I'm wondering if pcsc-lite should only consider the cold ATR (if there are two different ATR-s) and the protocols claimed there for protocol agreement? What do the ISO specs say about it? These (IMO broken by design) cards are already out there and need the mentioned reset-workarounds, but maybe pcsc-lite could be "improved" as well (if it would make sense).

[1] http://smartcard-atr.appspot.com/parse?ATR=3BFE9400FF80B1FA451F034573744549442076657220312E3043
[2] http://smartcard-atr.appspot.com/parse?ATR=3B6E00FF4573744549442076657220312E30
[3] http://smartcard-atr.appspot.com/parse?ATR=3BDE18FFC080B1FE451F034573744549442076657220312E302B
[4] http://smartcard-atr.appspot.com/parse?ATR=3B5E11FF4573744549442076657220312E30
[5] http://smartcard-atr.appspot.com/parse?ATR=3B6E00004573744549442076657220312E30
[6] http://smartcard-atr.appspot.com/parse?ATR=3BFE9400FF80B1FA451F034573744549442076657220312E3043

All the best,
--
MartinPaljak.net
+3725156495

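An added example, not part of the original message and not pcsc-lite code: a minimal ISO 7816-3 ATR parser run over the six ATRs linked as [1] to [6] above, listing the protocols each ATR offers and the protocols on which a cold and a warm ATR disagree. The function names are hypothetical, and pairing [1] with [2] as one card's cold and warm ATR is an assumption; the length check also rejects an ATR that has been cut short, as described for pcsc-lite 1.5.x.

```python
from functools import reduce

# ATRs taken from the links [1]..[6] in the message above.
ATRS = {
    1: "3BFE9400FF80B1FA451F034573744549442076657220312E3043",
    2: "3B6E00FF4573744549442076657220312E30",
    3: "3BDE18FFC080B1FE451F034573744549442076657220312E302B",
    4: "3B5E11FF4573744549442076657220312E30",
    5: "3B6E00004573744549442076657220312E30",
    6: "3BFE9400FF80B1FA451F034573744549442076657220312E3043",
}

def parse_atr(hex_atr):
    """Return (offered protocols, historical bytes, TCK valid or None if absent)."""
    atr = bytes.fromhex(hex_atr)
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad TS byte")
    y, k = atr[1] >> 4, atr[1] & 0x0F      # T0: Y1 bitmap, K = historical length
    pos, seen = 2, []
    while True:
        pos += bin(y & 0x7).count("1")     # skip TAi, TBi, TCi when present
        if not y & 0x8:                    # no TDi, interface bytes end here
            break
        if pos >= len(atr):
            raise ValueError("truncated inside interface bytes")
        y, t = atr[pos] >> 4, atr[pos] & 0x0F
        pos += 1
        seen.append(t)
    # T=15 only qualifies global interface bytes; no TD1 at all means T=0.
    protocols = sorted({t for t in seen if t != 15}) or [0]
    has_tck = any(t != 0 for t in seen)    # TCK is absent when only T=0 is indicated
    if len(atr) != pos + k + has_tck:
        raise ValueError("length does not match T0/TDi (truncated or padded ATR)")
    tck_ok = reduce(lambda a, b: a ^ b, atr[1:]) == 0 if has_tck else None
    return protocols, atr[pos:pos + k], tck_ok

def reset_mismatch(cold_hex, warm_hex):
    """Protocols offered by only one of a card's cold and warm ATRs."""
    cold, warm = parse_atr(cold_hex)[0], parse_atr(warm_hex)[0]
    return sorted(set(cold) ^ set(warm))

if __name__ == "__main__":
    for ref, hex_atr in ATRS.items():
        protocols, hist, tck_ok = parse_atr(hex_atr)
        print(f"[{ref}] T={protocols} historical={hist!r} TCK ok={tck_ok}")
    # Cold [5] and warm [6] are the pair the message describes for the "broken" card.
    print("cold [5] vs warm [6] differ on T =", reset_mismatch(ATRS[5], ATRS[6]))
```

A non-empty result from `reset_mismatch` marks a card where the protocol negotiated after a cold reset may not be the one the ATR advertises after a warm reset.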